Hi, I have an easy problem with routing in my OpenWRT device 15.05 (BusyBox v1.23.2) but I can't figure it out, my scenario shows up in pictures below. each Lan number of my access point have unique IP but I cant ping any of them, my device successfully connects to the Access point and I use static IP for it. my problem is: I want to ping LAN interface with my wireless device and reverse ( i have the same problem with two wireless devices; none of them will be pinged). I will be appreciated if you guide me. thanks!
Topic: ping problem forward wan to lan
The content of this topic has been archived on 27 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.
Page 1 of 1
You're saying you want to be able to ping between LAN and WLAN connected devices, correct? (Not WAN to LAN as stated in the title). I believe WLAN and LAN are generally bridged by default. Could you provide your configuration files ("/etc/config/switch", "/etc/config/network", "/etc/config/firewall", and "/etc/config/wireless")? That should help someone get you an answer.
Just a note, if your wifi devices are windows and you have answered you are on public netwrork or you don't won't to be visible, pings are disabled on windows firewall, maybe that's why they don't respond to pings.
GimliTheDwarf wrote:
You're saying you want to be able to ping between LAN and WLAN connected devices, correct? (Not WAN to LAN as stated in the title). I believe WLAN and LAN are generally bridged by default. Could you provide your configuration files ("/etc/config/switch", "/etc/config/network", "/etc/config/firewall", and "/etc/config/wireless")? That should help someone get you an answer.
thanks! dear,
yeah i want that. i dont have "/etc/config/switch" , but others are :
Network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdd9:924a:7417::/48'
config interface 'wan'
option ifname 'eth0'
option proto 'static'
option ipaddr '192.168.1.31'
option netmask '255.255.255.0'
config interface 'wan6'
option ifname 'eth0'
option proto 'dhcpv6'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
option mirror_source_port '0'
option mirror_monitor_port '0'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '5 6'
option vid '2'
config switch_vlan
option device 'switch0'
option vlan '3'
option vid '3'
option ports '4 0t'
config switch_vlan
option device 'switch0'
option vlan '4'
option vid '4'
option ports '3 0t'
config switch_vlan
option device 'switch0'
option vlan '5'
option vid '5'
option ports '2 0t'
config switch_vlan
option device 'switch0'
option vlan '6'
option vid '6'
option ports '1 0t'
config interface 'lan1'
option ifname 'eth1.3'
option proto 'static'
option ipaddr '192.168.1.32'
option netmask '255.255.255.0'
option broadcast '192.168.1.255'
config interface 'lan2'
option ifname 'eth1.4'
option _orig_ifname 'eth1.4'
option _orig_bridge 'false'
option proto 'dhcp'
config interface 'lan3'
option ifname 'eth1.5'
option proto 'static'
config interface 'lan4'
option ifname 'eth1.6'
option proto 'dhcp'Firewall
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'lan'
config zone
option name 'wan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option masq '1'
option mtu_fix '1'
option network 'wan wan6'
config forwarding
option src 'wan'
option dest 'lan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fe80::/10'
option src_port '547'
option dest_ip 'fe80::/10'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config include
option path '/etc/firewall.user'
config rule
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'wireless
config wifi-device 'radio0'
option type 'mac80211'
option channel '36'
option hwmode '11a'
option path 'virtual/mac80211_hwsim/hwsim0'
option htmode 'VHT80'
config wifi-iface
option device 'radio0'
option network 'lan'
option mode 'ap'
option ssid 'OpenWrt'
option encryption 'none'
option disabled '1'
config wifi-device 'radio1'
option type 'mac80211'
option channel '36'
option hwmode '11a'
option path 'virtual/mac80211_hwsim/hwsim1'
option htmode 'VHT80'
config wifi-iface
option device 'radio1'
option network 'lan'
option mode 'ap'
option ssid 'OpenWrt'
option encryption 'none'
option disabled '1'
config wifi-device 'radio2'
option type 'mac80211'
option hwmode '11g'
option path 'platform/qca955x_wmac'
option htmode 'HT20'
option country 'US'
option channel '2'
option txpower '20'
option disabled '0'
config wifi-device 'radio2'
option type 'mac80211'
option hwmode '11g'
option path 'platform/qca955x_wmac'
option htmode 'HT20'
option country 'US'
option channel '2'
option txpower '20'
option disabled '0'
config wifi-iface
option device 'radio2'
option mode 'ap'
option ssid 'openwrt'
option encryption 'none'
option hidden '1'
config wifi-device 'radio3'
option type 'mac80211'
option hwmode '11g'
option path 'platform/ehci-platform.0/usb1/1-1/1-1.3/1-1.3:1.0'
option htmode 'HT20'
option txpower '20'
option country 'CN'
option channel '2'
option disabled '0'
config wifi-iface
option device 'radio3'
option mode 'ap'
option encryption 'none'
option hidden '1'
option ssid 'openwrt123'Notice: may I miss some package?! cause when I searched in wiki https://wiki.openwrt.org/doc/networking/routing I found this page that tells us
you need to install the IP package
did i miss something?
nozombian wrote:
Just a note, if your wifi devices are windows and you have answered you are on public netwrork or you don't won't to be visible, pings are disabled on windows firewall, maybe that's why they don't respond to pings.
thanks! dear,
but when I ping it with my router too, still the same problem,
arp -a show mac address as 00:000:00:00:00. seems like it can't find mac address in the network. dose OpenWRT have a solution for this?
Notice: sometimes I have successful pinging, destination unreachable and request timeout all same Time
If you have "client privacy" enabled, you will not be able to ping between devices on your WLAN.
cvmiller wrote:
If you have "client privacy" enabled, you will not be able to ping between devices on your WLAN.
how can I check it out?
thanks!
The discussion might have continued from here.
Page 1 of 1